New website, who dis? Welcome to my new website! I hope to use this site much more than in the previous 10 years as I am now in a new, innovative, and community driven company: SCYTHE. This is my personal site so I plan to use it to share the events I will be attending. As you know, […]
Red Team Village Mayhem Presentation If you know me, you know I’ve always wanted to speak at Blackhat and DEF CON. This year will be different with DEF CON in Safe Mode but since I submitted talks, the folks at Red Team Village reached out to see if I would present at Red Team Mayhem […]
Had a great time catching up with Robert Rounsavall from Trapezoid on his podcast SYN-ACK FIN-ACK. We covered quiet a bit, here are some highlights: How I got into IT 3 years at Terremark Shifting to Information Security Working in Terremark’s SOC and the July 4, 2009 DDOS (https://en.wikipedia.org/wiki/July_2009_cyberattacks), Cloud Security pilot for USG/GSA, Meeting […]
As I have spent some time researching and developing a WP8 application security testing methodology and process, I have come up with three key security features that are missing from Microsoft’s Windows Phone 8. From an offensive security perspective, these feature are good to have for testing but from an end user perspective, they are […]
By now you should be familiar with the WP8 app you are testing and need to see the type of traffic it is sending to transmit data to the Internet. This post will show you how to use an HTTP proxy, configure it on the WP8 device, and install a digital certificate to see HTTPS […]
The first three posts in this series were an introduction to WP8 platform, prerequisites for testing, and side loading the XAP file. At this point you should have the app installed on your device or emulator. If a XAP file was not provided, obtain the app from the Microsoft App Store as an end user […]
This is the third part of a series on testing WP8 Apps. The first post introduced you to the WP8 platform and the second post had you install the prerequisites. This post will focus on the XAP file and side loading it onto your device or emulator. Side loading is the act of installing an […]
This is the second post of a series on WP8 App Security and is focused on setting up the environment where you will test WP8 apps. You should already have a basic understanding of how the WP8 platform works. We will focus on the prerequisites for the tools and methods required to test WP8 apps. […]